...
The EmpowerID SaaS option alleviates all infrastructure concerns, allowing you to focus on solving business needs with EmpowerID on day - one. EmpowerID SaaS runs on a fully redundant Microsoft Azure infrastructure in the region of your choice, with all aspects of management and monitoring handled by our infrastructure team. EmpowerID SaaS deployments are appropriately sized to balance your organization’s demanding SLAs with costs and scaled as - and - when needed. Additional service options are available for SaaS customers to offload all EmpowerID management tasks, including configuration management, converting their SaaS EmpowerID into a fully managed service. All managed service offerings can be phased out as a customer develops their own internally trained support staff.
Organizations can self-host EmpowerID in their own private Microsoft Azure tenant. Our team can provide any level of support, ranging from consulting to assist your engineers in designing your infrastructure to offering a full-managed service to run and manage your EmpowerID installation. Support for other public Cloud cloud platforms such as Amazon Web Services (AWS) are is in beta now.
An on-premise installation of EmpowerID allows an organization to manage Cloud and on-premise systems but run EmpowerID from their own data centers. If these organizations run Kubernetes clusters today to host other services, then running EmpowerID containers on-premises is easily accomplished. While the traditional installation model is an option for organizations without the know-how to run Kubernetes clusters, EmpowerID is currently testing a lightweight Kubernetes Virtual Appliance technology to offer the benefits of a containerized deployment without all the complexity involved with rolling out a new Kubernetes infrastructure.
...
| Info |
|---|
A containerized environment provides organizations with the full EmpowerID experience , but differs only in how the product is delivered. Instead of following the standard EmpowerID installation detailed in the Admin Guide, it can be deployed via containers and EmpowerID components can be rapidly scaled up or down as required. |
...
Containers help system admins create an infrastructure that's easier to update and maintain, and that more fully utilizes hardware resources. IT professionals can use containers to provide standardized EmpowerID instances for their development, QA, and production environments. By using containers, systems administrators abstract away differences in operating system installations and the underlying infrastructure.
...
Multiple installation options are available
Fully managed SaaS from EmpowerID
Can be hosted in Azure Kubernetes Services (AKS), OpenShift, etc., cloud containerization platforms
Can be deployed in an on-premise containerization platform
Easier patching without interruption to users; modern containerization platforms have the ability for non-disruptive rollouts as new component revisions become available
Ability to scale up or down; there is no need to install EmpowerID-related software requirements on nodes
Ability to auto-scale on demand
Provides for better use of resources, by running more components across hardware (vs dedicated hardware for each component)
...
Worker Role
The Worker Role containers make up the application tier of the system and are used for back-end processing of system integration processes such as inventory, synchronization, security management, and internal web service processes. The number of required running containers depends on the number and types of applications and integration processes being managed. These containers do not service Web user requests.
Web Role
The Web Role containers serve as the front-end user interface for the Web applications used by users. These containers serve up the Web pages and perform any interactive workflow processing initiated by users.
IT Shop
The IT Shop provides a shopping cart experience which that empowers end-users to request access for themselves and to allow designated managers or coordinators to request access for others with flexible workflow approvals
MyIdentity
The My Identity microservice provides a central location from which users can view relative information about themselves, create permanent delegations for business requests tasks for which they are an approver that route those tasks to others for approval, as well as allows them to personalize the number and frequency of email notifications they receive about those business tasks.
Azure Analytics
The Azure Analytic Microservice provides organizations with intelligent, real-time visual feedback on the drivers of their Azure expenses and the number of licenses being consumed by their organization at any given data point.
MyTasks
The My Tasks microservice provides a central location from which users can view the status of their access requests, make and respond to comments about those requests, and in situations where they are designated approvers, approve or reject access requests submitted by other users.
Azure AD SCIM (Deployed as an Azure App Service)
The Azure AD SCIM microservice provides organizations with the tools to manage Azure AD users, roles, and licenses
Azure Exchange Mailbox (Deployed as Azure App Service)
Role Mining (Deployed as Azure Functions)
EmpowerID Role Mining provides intelligence and insights with real-time authorization, in-depth visibility, and the automating of role-mining and optimization , while maintaining speed, reducing redundancy, and staying compliant.
Privileged Session Manager (PSM)
EmpowerID Privileged Session Manager (PSM) is an application cluster that allows you to access, record, and monitor privileged sessions. With PSM, users can be issued privileged access to computers while meeting audit requirements. It enables granting access to users for a specific amount of time, the capability to live monitor live and terminate session sessions at any point, and replaying sessions. It also includes time-constrained access to credentials and automatic termination of sessions after time limit expiry.
...
Container Images
EmpowerID will provide OCI-compliant images for the base components of the EmpowerID suite and other microservices that the client has licensed for use
Deployment Templates
Kubernetes YAML files will be provided, along with documentation describing various common environmental variables and required secrets.
Database
A Microsoft SQL Server BAC file (or BACPAC file) will be provided to help initialize the primary EmpowerID data storedatastore
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|